ebfbcc19-3196-479a-98a3-056579b0ac0b.png
brian_christner.jpeg
Brian Christner

How to Deploy Containers Directly to AWS ECS using Docker

Docker has been busy at work, extending the Docker compose functionality. What's new this week is the ability to deploy docker containers directly to Amazon AWS ECS using the standard Docker commands.

A flurry of development has occurred since the release of the compose specification. Microsoft Azure integrated compose with their Azure Container Instances (ACI) and now Amazon with AWS ECS.

The new compose specification allows developers to develop locally and then switch context to AWS and deploy the same application directly to AWS ECS using all your existing local development tools and workflows.

The integration between Docker and Amazon AWS ECS allows developers to use the Docker CLI to:

  • Set up a new Docker context https://docs.docker.com/engine/context/working-with-contexts/ enabling the connection between Docker and ECS. The new AWS context is setup using one Docker command. Docker Context allows you to switch from a local context to a cloud context and run applications quickly and easily.
  • Simplify multi-container application development and deployment on Amazon AWS ECS using the Compose specification.

Prerequisites

Before getting started, we need to ensure a couple of things are in place.

Ensure you have the latest Docker edge release containing the ECS functionalityEnsure you have an AWS accounthttps://aws.amazon.com/cli/https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.htmlhttps://docs.aws.amazon.com/AmazonECS/latest/userguide/create_cluster.html

Setup ECS in Docker

Once we complete the prerequisites, we can continue with the setup of Docker with ECS. Docker has a built-in setup tool, surprisingly called docker ecs setup How easy is that?

Open a Terminal window (Powershell or Linux shell)docker ecs setupAnswer the questions prompted on the screen

  • Enter context name: Choose a unique identifying name for the AWS ECS context
  • Enter cluster name: Step 4 of the prerequisite you should insert the name of the cluster you created here
  • Enter region: This is the region where you ECS cluster is deployed
  • Enter Credentials: Step 3 of the prerequisites insert your access keys here

    to view your available contexts.

Deploying our first app

I've created a demo repo using my favorite cat Gif generator Python application.

Deploy our image to AWS Elastic Container Registry (ECR)

  1. Copy the image URI. Should look something like 123456.dkr.ecr.eu-central-1.amazonaws.com/brian-test/docker-ecs-demo

Once the image is available in ECR, we can deploy our application.

First, edit the docker-compose.yml file

/docker-ecs-demo``docker-compose.yml file

Should look like

version: '3.4'

services:
  pythonproject:
    image: 123456.dkr.ecr.eu-central-1.amazonaws.com/brian-test/docker-ecs-demo
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - 80:5000

Next, we can deploy the Cat GIF application.

to provide a unique name to our stackThis command will then run for a couple of minutes as AWS will create the ECS service & task, Security Groups, Logging, Loadbalancers, Roles, networks, and more.. Here you will find the deployment of our Cat application``EC2 -> Load Balancers at the end of the DNS name

Here's the Cat Application running in the 56K.Cloud account. Every time you refresh the webpage, you find a new Cat GIF. Endless entertainment and the true use of the internet, cat GIFs.

Live Demo - http://pythondemoloadbalancer-8271419734bafe24.elb.eu-central-1.amazonaws.com:5000/

Private Docker Repos

Docker ECS integration automatically configures authorization so you can pull private images from Amazon ECR registry on the same AWS account. If you want to use another registry, including Docker Hub, you’ll have to create a Username + Password (or Username + Token) secret on Amazon SMS service.

The Docker ECS integration also offers the possibility to use secrets. The docker ecs secret command allows you to manage secrets created on AWS SMS without having to install the AWS CLI.

docker ecs secret create dockerhubAccessToken --username <dockerhubuser>  --password <dockerhubtoken>

arn:aws:secretsmanager:eu-west-3:12345:secret:DockerHubAccessToken

Once created, you can use this ARN in your Compose file using using x-aws-pull_credentials custom extension aside the Docker image URI for your service

version: 3.8
services:
  worker:
  image: mycompany/privateimage
  x-aws-pull_credentials: "arn:aws:secretsmanager:eu-west-3:12345:secret:DockerHubAccessToken"

If you set Compose file version 3.8 or later, you can use the same Compose file for local deployment using docker-compose. Custom extension will be ignored.

What's next for Docker ECS?

Since Docker ECS is freshly available on the Edge channel we recommend testing and providing feedback. If you find any issues please report them directly on the Docker ECS repo.

More information

Find out more about 56K.Cloud

We love Cloud, IoT, Containers, DevOps, and Infrastructure as Code. If you are interested in chatting connect with us on Twitter or drop us an email: info@56K.Cloud. We hope you found this article helpful. If there is anything you would like to contribute or you have questions, please let us know!

#

brian_christner.jpeg

Brian Christner

Software Engineer